X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fmunin%2Fmanifests%2Finit.pp;h=87ba7488412da9bc8eb6d8081786fe3d7d207e41;hb=6f10c816da4e6a1b8e917214f0bcb9001602523c;hp=736fd0d21bc1bec1cdb19c248b4d4e5dea9de3da;hpb=c2858d8d0367bec45e7d315bcf4bcce5f653e5fd;p=mirror%2Fdsa-puppet.git

diff --git a/modules/munin/manifests/init.pp b/modules/munin/manifests/init.pp
index 736fd0d21..87ba74884 100644
--- a/modules/munin/manifests/init.pp
+++ b/modules/munin/manifests/init.pp
@@ -55,19 +55,6 @@ class munin {
     notify  => Service['munin-node'],
   }
 
-  ferm::rule { 'dsa-munin-v4':
-    description => 'Allow munin from munin master',
-    rule        => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V4 $HOST_NAGIOS_V4) ACCEPT; }',
-    notarule    => true,
-  }
-
-  ferm::rule { 'dsa-munin-v6':
-    description => 'Allow munin from munin master',
-    domain      => 'ip6',
-    rule        => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V6 $HOST_NAGIOS_V6) ACCEPT; }',
-    notarule    => true,
-  }
-
   @@munin::master_per_node { $::fqdn: }
 
   package { 'munin-async':
@@ -84,6 +71,10 @@ class munin {
       | EOF
   }
   file { '/etc/ssh/userkeys/munin-async':
-    source => 'puppet:///modules/munin/munin-async-authkeys',
+    ensure => 'absent',
+  }
+  ssh::authorized_key_collect { 'munin-async-fetcher':
+    target_user => 'munin-async',
+    collect_tag => 'munin::munin-async-fetch',
   }
 }